Filtered by vendor Nvidia
Subscribe
Total
555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0209 | 1 Nvidia | 2 Dgx-1, Sbios | 2023-04-29 | N/A | 7.8 HIGH |
| NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass. | |||||
| CVE-2023-25506 | 1 Nvidia | 2 Dgx-1, Sbios | 2023-04-29 | N/A | 8.2 HIGH |
| NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components. | |||||
| CVE-2023-25509 | 1 Nvidia | 2 Dgx-1, Sbios | 2023-04-29 | N/A | 7.8 HIGH |
| NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges. | |||||
| CVE-2023-25505 | 1 Nvidia | 2 Bmc, Dgx-1 | 2023-04-29 | N/A | 7.8 HIGH |
| NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution. | |||||
| CVE-2023-25508 | 1 Nvidia | 2 Bmc, Dgx-1 | 2023-04-29 | N/A | 7.8 HIGH |
| NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2023-25507 | 1 Nvidia | 2 Bmc, Dgx-1 | 2023-04-29 | N/A | 8.8 HIGH |
| NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-0207 | 1 Nvidia | 2 Dgx-2, Sbios | 2023-04-29 | N/A | 4.4 MEDIUM |
| NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service. | |||||
| CVE-2023-0201 | 1 Nvidia | 2 Bmc, Dgx-2 | 2023-04-29 | N/A | 6.7 MEDIUM |
| NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure. | |||||
| CVE-2023-0200 | 1 Nvidia | 2 Bmc, Dgx-2 | 2023-04-29 | N/A | 6.7 MEDIUM |
| NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. | |||||
| CVE-2023-0182 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-04-10 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an out-of-bounds write can lead to denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-0192 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2023-04-10 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure. | |||||
| CVE-2023-0197 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Virtual Gpu, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2023-04-10 | N/A | 6.5 MEDIUM |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | |||||
| CVE-2023-0186 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-04-07 | N/A | 7.1 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an out-of-bounds write can lead to denial of service and data tampering. | |||||
| CVE-2022-34668 | 1 Nvidia | 1 Nvflare | 2023-03-27 | N/A | 9.8 CRITICAL |
| NVFLARE, versions prior to 2.1.4, contains a vulnerability that deserialization of Untrusted Data due to Pickle usage may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity. | |||||
| CVE-2018-3979 | 2 Canonical, Nvidia | 33 Ubuntu Linux, Geforce Gtx 745, Geforce Gtx 745 Firmware and 30 more | 2023-02-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload). | |||||
| CVE-2022-42284 | 1 Nvidia | 2 Bmc, Dgx A100 | 2023-01-24 | N/A | 5.5 MEDIUM |
| NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This may lead to a credentials exposure. | |||||
| CVE-2022-42285 | 1 Nvidia | 2 Dgx A100, Sbios | 2023-01-24 | N/A | 7.8 HIGH |
| DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering. | |||||
| CVE-2022-42287 | 1 Nvidia | 2 Bmc, Dgx A100 | 2023-01-24 | N/A | 7.8 HIGH |
| NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure and data tampering. | |||||
| CVE-2022-42283 | 1 Nvidia | 2 Bmc, Dgx A100 | 2023-01-24 | N/A | 7.8 HIGH |
| NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | |||||
| CVE-2022-42282 | 1 Nvidia | 2 Bmc, Dgx A100 | 2023-01-24 | N/A | 5.5 MEDIUM |
| NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can access arbitrary files, which may lead to information disclosure. | |||||